[sf-lug] VPS question: accessible by root user on physical host?

Jason Turner jturner at nonzerosums.org
Sat May 31 08:30:41 PDT 2008 

On May 30, 2008, at 6:54 PM, Rick Moen wrote:

> Quoting Jason Turner (jturner at nonzerosums.org):
>
>> And I wonder, how much more "private" is such a service?
>> Say, like the one(s) hosted by Linode.com?  Linux/XEN setup.
>
> Linode, Inc. doesn't have shell of any sort on your virthost.  Their
> getting it or equivalent wouldn't be difficult but would commit  
> various
> business torts and also ruinous to their reputation if it were ever
> proved.
>
> Of course, in theory they could monitor traffic in and out of the
> virthost, and do traffic analysis of even encrypted traffic.  But,
> honestly, under most scenarios they lack motivation other than to  
> metre
> your resource consumption and make sure your virthost isn't being a  
> bad
> boy towards the nearby LAN.
>
>> Finally, the subject question, would my VPS be accessible by any user
>> not explicitly setup in my environment?
>
> Nope.
>
> Again, they _could_.  That's not the point, really.
>
> If you want physical security, you either have to trust someone per
> contractual relations (SAVVIS, HE, Community Colo, whatever) or  
> keep the
> gear behind your own locked door and guard that door.
>

Thanks for the info, Rick.  Yep, I realize some element of trust will  
always be involved if you don't have physical security.  I haven't  
decided if I'll make the switch (in my mail services) to a VPS yet.   
Or just wait until I can host a box at home.  I am headed toward the  
land of FIOS bandwidth and with the cheap prices of big disks these  
days, I think I'll be ready and willing to host some of my own  
services again.  Power(the cost of) would probably be my only  
concern.  UPS, networking equipment, server with large internal/ 
external disks?  Ugh.  I did it on the cheap before with a single old  
beige G3(running PPC Debian) and a hand me down UPS.  Running costs,  
even in SF, seemed negligible.  Now that I think about it -- I may  
have to start a benchmarking(power cost vs hardware hosted) thread  
sometime...

More information about the sf-lug mailing list